As has been reported over the news, on the 12th of May a ransomware program ‘WannaCry’ ('WannaCrypt', 'WCRY') targeting Microsoft Windows computers was launched. This cyber-attack has affected over 230 000 computers in more than 150 countries. Microsoft has released a number of updates to mitigate the MS17-010 vulnerability which the ransomware program targets with doing an SMB exploit. The Microsoft Security Bulletin on MS17-010 can be found here. Lansweeper can be used to find machines that do not have the hotfixes installed to mitigate the SMB vulnerability. Follow the steps below to verify that you currently do not have any vulnerabilities:

Hover over the ‘Assets’ tab and select the ‘Windows’ asset type.

On the page giving back all the Windows computers click on the ‘Rescan Assets’ option. This will scan all the data from the Windows computer without taking into account the interval times that are setup under Scanning\Scanned Item Interval.

Once the Windows assets have been rescanned - you can check this under Scanning\Scanning Queue - run the report below. The report will give back the machines that do not have the hotfixes installed. We highlighted the list of hotfixes in yellow. Further hotfixes can be added as they are released by Microsoft. To run the report found in the report center, do the following:

1. Open the report builder in the Lansweeper web console under Reports/Create New Report.2. Paste the SQL query (report) found in the report center at the bottom of the page, replacing the default SQL query.3. Left-click somewhere in the upper section of the page so the query applies.4. Give the report a title.5. Hit the Save & Run button to save the report.

For your information, we will be updating the report as Microsoft releases new hotfixes. Certain KBs may not yet be in the list of the report.

Added 'ScanningErrors' column. This lists any scanning errors the computer may have generated. Machines with scanning errors may not have up-to-date Windows hotfix information and may appear in the report even though they are fully patched.

Added 'WindowsUpdateInfoLastScanned' column. This lists the amount of days that have passed since Windows update information has last been scanned for the asset.